Política de privacidad de Cloudflare

This Privacy Policy is effective as of March 27, 2020.

We have updated our October 31, 2019 privacy policy to address new products and services and to give you a more comprehensive understanding of how we handle your personal information.

This Cloudflare Privacy Policy (“Policy”) outlines the personal information that Cloudflare, Inc. (“Cloudflare”, “we”, “us” or “our”) gathers, how we use that personal information, and the options you have to access, correct, or delete such personal information.


Nuestra misión, consistente en construir una Internet mejor, se basa en la importancia de crear confianza con nuestros Clientes, los usuarios y la comunidad de Internet mundial. Para conseguir y mantener dicha confianza, nos comprometemos a comunicarnos con transparencia, aportando seguridad y protegiendo la privacidad de los datos en nuestros sistemas.

Mantenemos su información como personal y privada. No venderemos o alquilaremos tu información personal a nadie. No compartiremos ni de otro modo divulgaremos, salvo que ello sea necesario para prestar nuestros Servicios o si así se prevé en esta Política, sin primero notificarle a usted la divulgación y darle la oportunidad de prestar su consentimiento.


This Policy applies to Cloudflare’s collection, use, and disclosure of the personal information of the following categories of data subjects:

  • Attendees: Those who visit our offices or provide their information to Cloudflare or Cloudflare representatives when they attend or register to attend Cloudflare-sponsored events or other events at which Cloudflare (and/or its representatives) participates, as well as those who participate in Cloudflare’s studies such as user experience research.
  • Website Visitors: Those who visit our Websites and who may opt to provide an email address or other contact information to receive communications from Cloudflare, fill out a survey, or provide feedback. For the purposes of this Policy, “Websites” refer collectively to www.cloudflare.com as well as any other websites Cloudflare operates for its own behalf and that link to this Policy. For clarity, “Websites” does not include any sites owned or operated by our Customers, including where we serve as Registrar.
  • Customers: Individuals or entities who enter into a subscription agreement with Cloudflare (or its authorized partner) and to whom Cloudflare provides Services pursuant to such agreement. For purposes of this Policy, “Services” shall refer to all of the cloud-based solutions offered, marketed, or sold by Cloudflare or its authorized partners that are designed to increase the performance, security, and availability of Internet properties, applications, devices, and networks, along with any software, software development kits, and application programming interfaces ("APIs") made available in connection with the foregoing.
  • Administrators: Those with login credentials for a Cloudflare account and/or those who administer any of the Services for a Customer. In some cases, an Administrator and Customer may be the same individual. In other cases, an Administrator may be an agent acting on behalf of a Customer.
  • Public DNS Resolver Users: Those who use Cloudflare’s Public Recursive Domain Name System (“DNS”) Resolver services, such as the Public DNS Resolver. Learn more about the Public DNS Resolver here.
  • End Users: Those who (i) access or use our Customers’ domains, networks, websites, application programming interfaces, and applications, or (ii) are authorized Cloudflare for Teams users, such as our Customers’ employees, agents, or contractors.
  • Registrantes: usuarios de los servicios de registro de dominio de Cloudflare. Cloudflare es un registrador acreditado por ICANN y cumple con el Acuerdo de Acreditación de Registradores de 2013 (“RAA”).

This Policy does not apply to “Application Users”—those individuals who use Cloudflare’s consumer-facing applications, such as the Application. See the Application Privacy Policy for more information about the data collection and use practices for Cloudflare's Application and the associated Application Services.

This Policy also does not apply to our Customers’ domains, websites, APIs, applications, and networks, which may have their own terms and privacy policies. Our Customers are solely responsible for establishing policies for and ensuring compliance with all applicable laws and regulations, including those relating to the collection of personal information, in connection with the use of our Services by End Users with whom our Customers interact.

Cloudflare’s Websites and Services are not intended for, nor designed to attract, individuals under the age of eighteen. Cloudflare does not knowingly collect personal information from any person under the age of eighteen.

2. INFORMATION WE COLLECT (Categories of Data Subjects)


  • Name, email address, and other contact information. We may ask for and collect personal information such as your name, address, phone number and email address when you visit our offices, register for or attend a sponsored event or other events at which Cloudflare (and/or its representatives) participates, or participate in Cloudflare’s studies such as user experience research.
  • Image and voice. When you participate in a Cloudflare study, we may ask for your permission to record your voice and/or image during your participation in the study.

Visitantes del Sitio web:

  • Name, email address, and other contact information. Name, email address, and other contact information. We ask for and—at your option—collect personal information from you when you submit web forms on our Websites, including opportunities to sign up for and agree to receive email communications from us. We also may ask you to submit such personal information if you choose to use interactive features of the Websites, including participation in surveys, contests, promotions, sweepstakes, or studies, requesting customer support, submitting feedback, or otherwise communicating with us. We will send such communications in accordance with applicable law.

  • Archivos de registro. Al igual que cuando visita e interactúa con la mayoría de los sitios web y servicios suministrados a través de Internet, cuando visita nuestros Sitios web, incluido el Foro de comunidad de Cloudflare, recopilamos cierta información y la almacenamos en archivos de registro. Esta información puede incluir, entre otros aspectos, las direcciones de protocolo de Internet (IP), la información de configuración del sistema, las URL de las páginas de referencia y las preferencias de idioma y configuración regional.

  • Cookies and Other Tracking Technologies. We may use cookies and other information-gathering technologies for a variety of purposes, such as providing us with information about how you interact with our Websites and assisting us in our marketing efforts. You can control how websites use cookies by configuring your browser's privacy settings (please refer to your browser's help function to learn more about cookie controls). Note that if you disable cookies entirely, Cloudflare’s Websites may not function properly. We may also use cookies and similar technologies to provide you advertising on third-party sites based upon your browsing activities and interests. If you wish not to have this information used for the purpose of serving you interest-based ads, you may opt-out by clicking here (or if located in the European Union, the United Kingdom, or Switzerland, click here). You may view a complete list of cookies and change your cookie preferences by clicking on the “Cookie Preferences” link in the footer of the Cloudflare homepage at cloudflare.com. For more information about the cookies Cloudflare uses and your privacy choices, please see our Cookie Policy.

  • Material contributed in Interactive Areas. The Websites may offer publicly accessible blogs, community forums, comments sections, discussion forums, or other interactive features (“Interactive Areas”). If you choose to participate in any of these Interactive Areas, please be aware that any information that you post in an Interactive Area might be read, collected, and used by others who access it. If you wish to remove your personal information from any of our Interactive Areas, please see the Section 8, below.

Customers and Administrators

  • Customer Account Information. Customer Account Information. When you register for an account, we collect contact information. Depending on subscription level, this contact information may include your Customer name, the email address(es) of your account Administrator(s), telephone number, and addresses necessary to process payment and delivery of Services. In addition, when you use the Services, we collect information about how you configure your account and the Services (e.g., firewall settings for the domains you administer), and we maintain logs of Administrator activity. We refer to all of this information collectively as “Customer Account Information” for the purposes of this Policy. Customer Account Information is required to enable your access to your Cloudflare account and Services. By providing us with any personal information, you represent that you are the owner of such personal information or otherwise have the requisite consent to provide it to us.

  • Payment Information. We do not require our Customers to have payment information on file with us unless they have a paid subscription to our Services. When you sign up for one of our paid Services, you must provide payment and billing information. The information you will need to submit depends on which payment method you choose. For example, if you pay with a credit card, we will collect your card information and billing address, although we do not store full credit card numbers or personal account numbers.

Public DNS Resolver Users

  • Limited DNS query data. We will collect limited DNS query data that is sent to our public DNS resolver service (“ resolver”). Our resolver service does not log personal data, and the bulk of the limited non-personally identifiable query data is only stored for 25 hours. You can learn more about our resolver commitment to privacy here.

Please note that our data handling practices for our Application, which is not covered by this Policy, are somewhat different than our public DNS resolver data handling practices and are described here.

Usuarios finales:

Cloudflare processes End Users’ information only on behalf of our Customers. This information is processed when End Users access or use our Customers’ domains, websites, APIs, applications, devices, end points, and networks that use one or more of our Services. Cloudflare also processes End Users’ information on behalf of our Customers when the End Users access our Services pursuant to our Customers’ authorization. The information processed may include but is not limited to IP addresses, system configuration information, and other information about traffic to and from Customers’ websites, devices, applications, and/or networks (collectively, “Log Data”).


  • Contact and domain information. We collect data such as domain name and status, contact information (such as name, organization, address, phone number and email address), name server, DNSSEC, and Form of Approval (i.e., full WHOIS capture at time of transfer into our system, including the IP address that initiated the transfer).

Cuando Cloudflare es un proxy inverso, nuestras direcciones IP pueden aparecer en los registros WHOIS y DNS de los sitios web que utilizan nuestros Servicios. Somos un conducto para la información controlada por otros. La responsabilidad en cuanto al contenido transmitido a través de nuestra red (por ejemplo, imágenes, contenido escrito, gráficos, etc.) recae en nuestros Clientes y sus usuarios.

Cloudflare también almacena datos de actividad del servidor y de la red, y observaciones y análisis derivados de los datos de tráfico recopilados por Cloudflare durante la prestación de los Servicios (en conjunto, "Métricas operativas"). Los ejemplos de métricas operativas incluyen métricas de disponibilidad y de disponibilidad del servicio, volúmenes de solicitudes, tasas de error, tasas de caché y puntuaciones de amenazas de IP.

Information from Third Party Services. We may combine information we collect as described in this Section with personal information we obtain from third parties. For example, we may combine information entered on a Cloudflare sales submission form with information we receive from a third-party sales intelligence platform vendor to enhance our ability to market our Services to Customers or potential Customers.


Cloudflare only processes personal information in a way that is compatible with and relevant to the purpose for which it was collected or authorized. As a general matter, for all categories of data described in Section 2 above, except public DNS resolver user data, we may use the information (including personal information, to the extent applicable) to:

  • Provide, operate, maintain, improve, and promote the Websites and Services for all users of the Websites and Services;
  • Enable you to access and use the Websites and Services;
  • procesar y completar transacciones, y enviarle información relacionada, incluidas confirmaciones de compra y facturas;
  • enviar mensajes transaccionales, incluidas las respuestas a sus comentarios, preguntas y solicitudes; atender y asistir al cliente; y enviarle avisos técnicos, actualizaciones, alertas de seguridad y mensajes de asistencia y administrativos;
  • Enviar comunicaciones comerciales, de acuerdo con sus preferencias de comunicación, como informarle sobre productos y servicios, funciones, encuestas, boletines informativos, ofertas, promociones, concursos y eventos sobre nosotros y nuestros socios; y enviar otras noticias o información sobre nosotros y nuestros socios. Consulte la Sección 9 para obtener información sobre la gestión de sus preferencias de comunicación;
  • procesar y entregar entradas y premios de concursos o sorteos;
  • supervisar y analizar las tendencias, el uso y las actividades en relación con los Sitios web y los Servicios, y con fines comerciales o publicitarios;
  • cumplir con las obligaciones legales, así como investigar y evitar transacciones fraudulentas, accesos no autorizados a los Servicios y otras actividades ilícitas;
  • Personalize the Websites and Services, including by providing features or content that match your interests and preferences;
  • To register visitors to our offices and to manage non-disclosure agreements that visitors may be required to sign, to the extent such processing is necessary for our legitimate interest in protecting our offices and our confidential information against unauthorized access; and
  • tratar con otros fines para los cuales obtenemos su consentimiento. Public Resolver Users. We use information we collect from resolver users to operate and improve the resolver, such as to assist us in our debugging efforts if an issue arises. Our resolver service does not store resolver users’ personal data. We will not combine any information collected from DNS queries to our resolver with any other Cloudflare or third party data in any way that can be used to identify individual end users. Learn more about our resolver commitment to privacy here.

Log Data from End Users. We use and process the Log Data from End Users to fulfill our obligations under our Customer agreements and act as a data processor and service provider pursuant to data processing instructions by our Customers.


Cloudflare may aggregate data we acquire about our Customers, Administrators, and End Users, including the Log Data described above. For example, we may assemble data to determine how Web crawlers index the Internet and whether they are engaged in malicious activity or to compile web traffic reports and statistics. Non-personally identifiable, aggregated data may be shared with third parties.


Please note that the “personal information” referenced in this Privacy Policy means “personal data” as that term is defined under the European Union (“EU”) General Data Protection Regulations (“GDPR”) and its United Kingdom (“UK”) GDPR counterpart. Cloudflare is a data controller for the Personal Data collected from all categories of data subjects listed above except for the Personal Data of End Users. Cloudflare processes the Personal Data of End Users on behalf of its Customers.

If you are an individual from the European Economic Area (the “EEA”), the UK or Switzerland, please note that our legal basis for collecting and using your personal information will depend on the personal information collected and the specific context in which we collect it. We normally will collect personal information from you only where: (a) we have your consent to do so, (b) where we need your personal information to perform a contract with you (e.g. to deliver the Cloudflare Services you have requested), or (c) where the processing is in our legitimate interests. Please note that in most cases, if you do not provide the requested information, Cloudflare will not be able to provide the requested service to you.

En algunos casos también podemos tener la obligación legal de obtener de usted información personal o necesitarla para proteger sus intereses vitales o los de otra persona. Cuando nos basemos en su consentimiento para tratar su información personal, podrá retirar o denegar el consentimiento en cualquier momento. Cuando nos basemos en nuestros intereses legítimos para tratar su información personal, tendrá derecho a oponerse.

Si tiene alguna pregunta o necesita más información sobre la base jurídica con arreglo a la cual recopilamos y usamos su información personal, comuníquese con nosotros a través de la dirección de correo electrónico privacyquestions@cloudflare.com.


We work with other companies who help us run our business (“Service Providers”). These companies provide services to help us deliver customer support, process credit card payments, manage and contact our existing Customers and Administrators as well as sales leads, provide marketing support, and otherwise operate and improve our Services. These Service Providers may only process personal information pursuant to our instructions and in compliance both with this Privacy Policy and other applicable confidentiality and security measures and regulations, including our obligations under the EU-US and Swiss-US Privacy Shield frameworks described in Section 7, below.

Específicamente, no permitimos que nuestros Proveedores de servicios vendan ninguna información personal que compartimos con ellos o utilicen la información personal que compartimos con ellos para fines de marketing propios ni para ningún otro fin que no esté relacionado con los servicios que nos prestan.

Además de compartir su información con los Proveedores de servicios como se ha descrito, también podemos compartirla con otras personas en las circunstancias siguientes:

  • dentro del Grupo Cloudflare, definido a los efectos de esta Política como Cloudflare Inc. (Estados Unidos) y sus subsidiarias enumeradas en la Sección 16;
  • con nuestros revendedores y otros socios de ventas que puedan ayudarnos a distribuir los Servicios a los Clientes;
  • con un desarrollador de aplicaciones cuando instale una aplicación desde nuestra App Marketplace;
  • en el caso de una fusión, venta, cambio de control o reorganización de toda la parte que nos corresponda de nuestro negocio;
  • cuando estemos obligados a divulgar información personal para responder a citaciones, órdenes judiciales o procesos legales, o para establecer o ejercer nuestros derechos legales o defendernos contra demandas legales. (Obtén más información acerca de cómo manejamos los requerimientos de aplicación de la ley aquí);
  • Cuando creamos de buena fe que compartir es necesario para investigar, prevenir o emprender medidas en relación con actividades ilícitas, sospechas de fraude, situaciones que impliquen amenazas potenciales para la seguridad física de una persona o infracciones de las condiciones de uso de nuestro Sitio web, el Acuerdo de suscripción de autoservicio o las Condiciones de servicio de suscripción de la empresa; o cuando así se requiera para cumplir con nuestras obligaciones legales; o
  • según consientas en un momento determinado. Public DNS Resolver Users: Cloudflare does not share resolver logs with any third parties except for anonymous logs shared with APNIC pursuant to a Research Cooperative Agreement. Learn more about information sharing specific to the resolver here.

Registrants: If you purchase a domain name from Cloudflare’s registrar service, ICANN (The Internet Corporation for Assigned Names and Numbers) and the relevant registry operators overseeing the domain’s top-level domain require us to collect registrant data for the purposes of domain registration and via the WHOIS protocol. We may also be required to share this public data with ICANN, the relevant registry operators and other such providers with whom we contract in order to provide our domain name services, and additionally upon the legitimate request of third parties. Registrant data may include the domain name, registrant name and other contact information, and domain name server information. See our Domain Registration Agreement here.

Aviso a los residentes en California: No vendemos, alquilamos o compartimos información personal con terceros como se define en la Ley de privacidad del consumidor de California de 2018 (Artículo 1798.100 et seq. del Código civil de California), ni vendemos, alquilamos o compartimos información personal con terceros con fines de marketing directo como se define en el artículo 1798.83 del Código civil de California.


Cloudflare es una compañía mundial con sede en los EE. UU. Principalmente almacenamos su información en los Estados Unidos y en el Espacio Económico Europeo. Para facilitar nuestras operaciones internacionales, podremos transferir y acceder a dicha información en todo el mundo, incluso en otros países en los que el Grupo Cloudflare realiza operaciones para los fines descritos en esta Política.

Whenever Cloudflare shares personal information originating in the EEA, the UK, or Switzerland with a Cloudflare entity outside the EEA, the UK, or Switzerland, it will do so on the basis of the EU standard contractual clauses (adjusted to address transfers from the UK) or the Privacy Shield Frameworks detailed in this section.

Al acceder a nuestros Sitios web o Servicios y utilizarlos o al proporcionarnos información de cualquier otro modo, acepta que su información personal se transfiera a los Estados Unidos y a otras jurisdicciones en las que operamos.

Privacy Shield. Cloudflare is certified under both the EU-U.S. and the Swiss-U.S. Privacy Shield Frameworks as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the EEA, the UK, and Switzerland to the United States, respectively (“Privacy Shields”). We commit to periodically review and verify the accuracy of our policies and our compliance with the Privacy Shields. If there is any conflict between the terms in this Policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. For more information on the EU-U.S. Privacy Shield or Swiss-U.S. Privacy Shield, please visit the U.S. Department of Commerce’s Privacy Shield website at: https://www.privacyshield.gov/welcome.

Si cree que conservamos copias de sus datos personales dentro del alcance de los Escudos de privacidad, puede dirigir sus consultas por correo electrónico a SAR@cloudflare.com o por correo postal a: Cloudflare, Inc., 101 Townsend St., San Francisco, CA 94107, Attn: Data Protection Officer. Responderemos a su consulta dentro de los 30 días posteriores a la recepción y verificación de su identidad.

Si tienes alguna duda no resuelta acerca de la privacidad o el uso de los datos que consideres que no hemos abordado de un modo satisfactorio, puede ponerte en contacto con nuestro proveedor de resolución de controversias de terceros situado en los Estados Unidos (sin cargo), en https://feedback-form.truste.com/watchdog/request. Si ni nosotros ni nuestro proveedor de resolución de controversias podemos resolver su queja, usted puede, en última instancia, iniciar un procedimiento de arbitraje vinculante a través del Panel de Protección de Privacidad.

Los compromisos que hemos asumido en virtud de los Escudos de privacidad están sujetos a los poderes de investigación y aplicación de la ley de la Comisión Federal de Comercio de EE. UU. Es posible que se nos solicite que divulguemos datos personales en respuesta a solicitudes legales de las autoridades públicas, incluso para cumplir con los requisitos de seguridad nacional o las disposiciones de la ley. En tales circunstancias, es posible que por ley, resolución judicial u otro procedimiento legal se nos prohíba notificar la divulgación.


  • Attendees, Website Visitors, Customers, Administrators, and Registrants. You have the right to access, correct, update, export, or delete your personal information. You may email us at SAR@cloudflare.com with any such subject access requests (“SAR”), and we will respond within thirty (30) days. Customers and Administrators also can access, correct, export, or update their Account Information by editing their profile or organization record at cloudflare.com.

  • Public DNS Resolver Users. We do not retain any personal information about resolver users that would be subject to the data subject rights described above.

  • End Users. Cloudflare has no direct relationship with End Users. Even where “Cloudflare” may be indicated as the authoritative name server for a domain, unless Cloudflare is the owner of that domain, we have no control over a domain’s content. Accordingly, we rely upon our Customers to comply with the underlying legal requirements for subject access requests. If an End User requests that we access, correct, update, or delete their information, or no longer wishes to be contacted by one of our Customers that use our Services, we will direct that End User to contact the Customer website(s) with which they interacted directly. Our Customers are solely responsible for ensuring compliance with all applicable laws and regulations with respect to their website users.

For any SAR, we will need to verify a requestor is inquiring about their own information before we can assist. Where a SAR may implicate the personal data of another individual, we must balance the request against the risk of violating another person’s privacy rights. We will comply with SARs to the extent required by applicable law or the US-Swiss or US-EU Privacy Shield. In the EEA, the UK, and Switzerland, you also have the right to lodge a complaint with a supervisory authority.


Cloudflare le enviará comunicaciones comerciales en función de las preferencias que tenga en la configuración de cuenta. Cloudflare también le enviará comunicaciones relacionadas con el servicio. Puede gestionar la recepción de comunicaciones comerciales haciendo clic en el enlace "cancelar suscripción" que encontrará en la parte inferior de los mensajes de correo electrónico, a través de su configuración de cuenta si dispone de una cuenta Cloudflare o enviando una solicitud a unsubscribe@cloudflare.com.


Adoptamos todas las medidas necesarias para que la información que usted nos proporciona esté protegida frente a pérdidas, usos indebidos y accesos, divulgaciones, alteraciones y/o destrucciones no autorizados. Hemos implementado las medidas físicas, técnicas y administrativas apropiadas para proteger y asegurar su información, y utilizamos tecnologías para la mejora de la privacidad, como el cifrado. Si tiene alguna pregunta acerca de la seguridad de su información personal, puede ponerse en contacto con nosotros a través de privacyquestions@cloudflare.com.


If we make changes to this Policy that we believe materially impact the privacy of your personal information, we will promptly provide notice of any such changes (and, where necessary, obtain consent), as well as post the updated Policy on this website noting the effective date of any changes.


Podremos asignar o transferir esta Política, así como la información que en ella se cubre, en caso de fusión, venta, cambio de control o reorganización de toda la parte que nos corresponda de nuestro negocio.


Las versiones de esta Política en idiomas distintos al inglés son traducciones que se proporcionan con fines meramente prácticos. En caso de que surjan ambigüedades o conflictos entre las traducciones, la versión inglesa será la autorizada y la que prevalezca.


Si tienes alguna duda no resuelta acerca de la privacidad o el uso de los datos que consideres que no hemos abordado de un modo satisfactorio, puede ponerte en contacto con nuestro proveedor de resolución de controversias de terceros situado en los Estados Unidos (sin cargo), en https://feedback-form.truste.com/watchdog/request.


Cloudflare Portugal, Unipessoal Lda., further identified in the Contact Information section below, is our EU representative pursuant to Article 27 of the EU GDPR. Cloudflare, Ltd., further identified in the Contact Information section, is our UK representative pursuant to the UK GDPR.


Cloudflare, Inc. 101 Townsend St. San Francisco, CA 94107 Attention: Data Protection Officer privacyquestions@cloudflare.com

Cloudflare, Ltd. County Hall/The Riverside Building Belvedere Road London, SE1 7PB Attention: Data Protection Officer privacyquestions@cloudflare.com

Cloudflare Portugal, Unipessoal Lda. Largo Rafael Bordalo Pinheiro 29 1200-369 Lisboa Attention: Data Protection Officer privacyquestions@cloudflare.com

Cloudflare Germany GmbH Rosental 7 80331 München Attention: Data Protection Officer privacyquestions@cloudflare.com

Cloudflare Pte., Ltd. 182 Cecil Street, #35-01 Frasers Tower, Singapore 069547 Attention: Data Protection Officer privacyquestions@cloudflare.com

Cloudflare Australia Pty Ltd. 333 George St., 5th Floor Sydney, NSW 2000 Attention: Data Protection Officer privacyquestions@cloudflare.com

Cloudflare (Beijing) Information Technology Co., Ltd. 16 South Guangshun Street Donghuang Building 17th Floor Chaoyang District Beijing 100015 Attention: Data Protection Officer privacyquestions@cloudflare.com

¿Tiene preguntas?

Si tienes preguntas sobre estas condiciones o sobre Cloudflare, no dude en ponerte en contacto con nosotros:

+1 (650) 319-8930

Cloudflare, Inc.
101 Townsend St,
San Francisco, CA 94107
A la atención de: Data Protection Officer